| ajay_dp001 | 80f9f5c | 2021-03-23 21:27:51 +0530 | [diff] [blame] | 1 | # ================================ LICENSE_START ============================= |
| 2 | # ============================================================================ |
| 3 | # Copyright (C) 2021 Nordix Foundation. |
| 4 | # ============================================================================ |
| 5 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | # you may not use this file except in compliance with the License. |
| 7 | # You may obtain a copy of the License at |
| 8 | # |
| 9 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | # |
| 11 | # Unless required by applicable law or agreed to in writing, software |
| 12 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | # See the License for the specific language governing permissions and |
| 15 | # limitations under the License. |
| 16 | # ================================= LICENSE_END ============================== |
| 17 | |
| 18 | ################################################################# |
| 19 | # Global Configuration Defaults. |
| 20 | ################################################################# |
| 21 | global: |
| 22 | nodePortPrefix: 302 |
| 23 | nodePortPrefixExt: 304 |
| 24 | |
| 25 | ################################################################# |
| 26 | # Filebeat Configuration Defaults. |
| 27 | ################################################################# |
| 28 | filebeatConfig: |
| 29 | logstashServiceName: log-ls |
| 30 | logstashPort: 5044 |
| 31 | |
| 32 | ################################################################# |
| 33 | # Secrets Configuration. |
| 34 | ################################################################# |
| 35 | secrets: |
| 36 | - uid: &aafCredsUID aafcreds |
| 37 | type: basicAuth |
| 38 | login: '{{ .Values.aafCreds.identity }}' |
| 39 | password: '{{ .Values.aafCreds.password }}' |
| 40 | passwordPolicy: required |
| 41 | - uid: &pgUserCredsSecretUid pg-user-creds |
| 42 | name: &pgUserCredsSecretName '{{ include "common.release" . }}-pmsh-pg-user-creds' |
| 43 | type: basicAuth |
| 44 | externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "pmsh-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' |
| 45 | login: '{{ .Values.postgres.config.pgUserName }}' |
| 46 | password: '{{ .Values.postgres.config.pgUserPassword }}' |
| 47 | passwordPolicy: generate |
| 48 | |
| 49 | ################################################################# |
| 50 | # InitContainer Images. |
| 51 | ################################################################# |
| 52 | tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 |
| 53 | consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0 |
| 54 | |
| 55 | ################################################################# |
| 56 | # Application Configuration Defaults. |
| 57 | ################################################################# |
| 58 | # Application Image |
| 59 | image: onap/org.onap.dcaegen2.services.pmsh:1.3.1 |
| 60 | pullPolicy: Always |
| 61 | |
| 62 | # Log directory where logging sidecar should look for log files |
| 63 | # if absent, no sidecar will be deployed |
| 64 | logDirectory: /var/log/ONAP/dcaegen2/services/pmsh |
| 65 | |
| 66 | # Directory where TLS certs should be stored |
| 67 | # if absent, no certs will be retrieved and stored |
| 68 | certDirectory: /opt/app/pmsh/etc/certs |
| 69 | |
| 70 | # TLS role -- set to true if microservice acts as server |
| 71 | # If true, an init container will retrieve a server cert |
| 72 | # and key from AAF and mount them in certDirectory. |
| 73 | tlsServer: true |
| 74 | |
| 75 | # Dependencies |
| 76 | readinessCheck: |
| 77 | wait_for: |
| 78 | - dcae-config-binding-service |
| 79 | - aaf-cm |
| 80 | - &postgresName dcae-pmsh-postgres |
| 81 | |
| 82 | # Probe Configuration |
| 83 | readiness: |
| 84 | initialDelaySeconds: 10 |
| 85 | periodSeconds: 15 |
| 86 | timeoutSeconds: 1 |
| 87 | path: /healthcheck |
| 88 | scheme: HTTPS |
| 89 | port: 8443 |
| 90 | |
| 91 | # Service Configuration |
| 92 | service: |
| 93 | type: ClusterIP |
| 94 | name: dcae-pmsh |
| 95 | ports: |
| 96 | - name: https |
| 97 | port: 8443 |
| 98 | port_protocol: http |
| 99 | |
| 100 | # AAF Credentials |
| 101 | aafCreds: |
| 102 | identity: dcae@dcae.onap.org |
| 103 | password: demo123456! |
| 104 | |
| 105 | credentials: |
| 106 | - name: AAF_IDENTITY |
| 107 | uid: *aafCredsUID |
| 108 | key: login |
| 109 | - name: AAF_PASSWORD |
| 110 | uid: *aafCredsUID |
| 111 | key: password |
| 112 | |
| 113 | # Initial Application Configuration |
| 114 | applicationConfig: |
| 115 | enable_tls: true |
| 116 | aaf_identity: ${AAF_IDENTITY} |
| 117 | aaf_password: ${AAF_PASSWORD} |
| 118 | key_path: /opt/app/pmsh/etc/certs/key.pem |
| 119 | cert_path: /opt/app/pmsh/etc/certs/cert.pem |
| 120 | ca_cert_path: /opt/app/pmsh/etc/certs/cacert.pem |
| 121 | control_loop_name: pmsh-control-loop |
| 122 | operational_policy_name: pmsh-operational-policy |
| 123 | pmsh_policy: |
| 124 | subscription: |
| 125 | subscriptionName: ExtraPM-All-gNB-R2B |
| 126 | administrativeState: LOCKED |
| 127 | fileBasedGP: 15 |
| 128 | fileLocation: "/pm/pm.xml" |
| 129 | nfFilter: { "nfNames": [ "^pnf.*","^vnf.*" ],"modelInvariantIDs": [ ],"modelVersionIDs": [ ],"modelNames": [ ] } |
| 130 | measurementGroups: [ { "measurementGroup": { "measurementTypes": [ { "measurementType": "countera" },{ "measurementType": "counterb" } ],"managedObjectDNsBasic": [ { "DN": "dna" },{ "DN": "dnb" } ] } },{ "measurementGroup": { "measurementTypes": [ { "measurementType": "counterc" },{ "measurementType": "counterd" } ],"managedObjectDNsBasic": [ { "DN": "dnc" },{ "DN": "dnd" } ] } } ] |
| 131 | streams_publishes: |
| 132 | policy_pm_publisher: |
| 133 | type: message_router |
| 134 | dmaap_info: |
| 135 | topic_url: "https://message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT" |
| 136 | streams_subscribes: |
| 137 | policy_pm_subscriber: |
| 138 | type: message_router |
| 139 | dmaap_info: |
| 140 | topic_url: "https://message-router:3905/events/unauthenticated.PMSH_CL_INPUT" |
| 141 | aai_subscriber: |
| 142 | type: message_router |
| 143 | dmaap_info: |
| 144 | topic_url: "https://message-router:3905/events/AAI-EVENT" |
| 145 | |
| 146 | applicationEnv: |
| 147 | PMSH_PG_URL: &dcaePmshPgPrimary dcae-pmsh-pg-primary |
| 148 | PMSH_PG_USERNAME: |
| 149 | secretUid: *pgUserCredsSecretUid |
| 150 | key: login |
| 151 | PMSH_PG_PASSWORD: |
| 152 | secretUid: *pgUserCredsSecretUid |
| 153 | key: password |
| 154 | |
| 155 | # Resource Limit Flavor -By Default Using Small |
| 156 | flavor: small |
| 157 | |
| 158 | # Segregation for Different Environment (Small and Large) |
| 159 | resources: |
| 160 | small: |
| 161 | limits: |
| 162 | cpu: 1 |
| 163 | memory: 1Gi |
| 164 | requests: |
| 165 | cpu: 1 |
| 166 | memory: 1Gi |
| 167 | large: |
| 168 | limits: |
| 169 | cpu: 2 |
| 170 | memory: 2Gi |
| 171 | requests: |
| 172 | cpu: 2 |
| 173 | memory: 2Gi |
| 174 | unlimited: {} |
| 175 | |
| 176 | ################################################################# |
| 177 | # Application configuration Overriding Defaults in the Postgres. |
| 178 | ################################################################# |
| 179 | postgres: |
| 180 | nameOverride: *postgresName |
| 181 | service: |
| 182 | name: *postgresName |
| 183 | name2: *dcaePmshPgPrimary |
| 184 | name3: dcae-pmsh-pg-replica |
| 185 | container: |
| 186 | name: |
| 187 | primary: dcae-pmsh-pg-primary |
| 188 | replica: dcae-pmsh-pg-replica |
| 189 | persistence: |
| 190 | mountSubPath: pmsh/data |
| 191 | mountInitPath: pmsh |
| 192 | config: |
| 193 | pgUserName: pmsh |
| 194 | pgDatabase: pmsh |
| 195 | pgUserExternalSecret: *pgUserCredsSecretName |